I used make-dummmy-cert that comes with apache 2.2 and ssl_mod to make a self-signed certificate. I tried making it for www.example.com, example.com, or *.example.com, but none of them would work for both www.example.com and example.com. The browser would say The certificate is only valid for example.com (or www.example.com or *.example.com respectively)
How do I make a self-signed cert that would work for both cases?
*.example.com won't match example.com because the star only matches subdomains of example.com. *.example.com will however match www.example.com and foo.example.com.
What I think you need to do if you really want to match both is to create a certificate with multiple CNs entries in the SubjectAltName, one for example.com and one for *.example.com (or www.example.com, if you don't need to match any other subdomains). This link might help: http://www.openssl.org/docs/apps/x509v3_config.html#Subject_Alternative_Name_
EDIT:
@Bill Weiss is right, I just checked one of the certs I have from GoDaddy and it has both www.example.com and example.com in the SubjectAltName, and both work in the browser. So it sounds like you can get what you need for cheap.
Good luck,
--jed
Do you have the same content at example.com and www.example.com? As far as I understand this would be a bad idea for SEO and you should redirect one to the other using for instance mod_rewrite.
